What files do I need?
**** NOTE: This method currently requires you be on 1.1.1 of the firmware. If you are on 1.1.2
you must downgrade prior to being able to use this jailbreak. ****
**** NOTE: PLEASE NOTE THIS METHOD ONLY WORKS ON ITUNES ACTIVATED PHONES OR IPOD TOUCHES ****
Step 1: Downgrade to 1.1.1 (if required)
*** NOTE: errors 1015 is expected at the end of the process. Continue reading to understand. ***
1. Download the 1.1.1 ipsw firmware file from Apple. If the downloaded file has the extension
“.zip”, please remove it and modify it to end up with a filename ending in _Restore.ipsw
2. Reboot your iPhone holding the top (power) and home buttons BUT release the top button 10
seconds into it (right after the screen goes dark) and continue to hold the home button until
iTunes detects the phone in recovery mode. The iPhone screen will appear to be off, but start
iTunes if not started yet .
3. Restore your iPhone by pressing and holding the ‘Shift’ key on windows or ‘option’ key on Mac,
then click ‘restore’ to select the 1.1.1 firmware file you downloaded earlier. The restore should
go through and errors at the end with error 1015. However you will notice that the iphone is in
DFU mode with the connect to itunes screen from 1.1.1.
4. In order to kick the phone out of that mode I just had to launch iNdependence version 1.2.5
and wait a minute or so. If you are using iTunes 7.5 you will have to get a MobileDevice from a
previousv version in order to run Independence.
Step 2a: Jailbreak 1.1.1 on Unactivated iPhone
*** NOTE: If your phone has been activated through iTunes, you can proceed to step 2b. ***
1. enter *#307# press call, now use the back button on the top of your screen to remove *#307# ,
now enter 0 , press call, press answer, press hold, press decline. And you get to the contact
list. And thereafter every time you push the homebutton you just slide the “emergency call”
slide, then enter 0 , press call, press hold, press decline.
2. Push contacts, end call and you get called again, this time hit decline and you access one of
menus with favorites, you can edit contacts, do a test ride on keyboard, take photos etc.
3. Now edit a new contact and type in “prefs://1F” as web-address and “http://jailbreakme.com” as
an additional URL.
4. When you tap “prefs://1F” you can now select your favorite WiFi gateway.
5. Now press the home button and move the slider to the dial-pad.
6. Now you can go back to the contact list by Dialing 0, push call, then answer, then contacts,
then hit the “http://jailbreakme.com” web address you typed in.
7. Scroll down to the bottom, click “Install AppSnapp”. Safari will exit and you’ll return to your
springboard. Wait for the phone to reboot. You are now jailbroken. and are able to use
Step 2b: Jailbreaking on iPod Touch or iTunes Activated iPhone
1. Launch Safari
2. Visit http://jailbreakme.com, Scroll down to the bottom, click “Install AppSnapp”. Safari will
exit and you’ll return to your springboard. Slide to unlock, you are now jailbroken. and are
able to use Installer.app.
Step 3: Prepare your 1.1.1 device for the Update
1. Launch Installer.app
2. Scroll down to Tweaks (1.1.1)
3. Select OktoPrep
4. Click Install
Step 4: Update to 1.1.2
1. Connect your device to your computer
2. Launch iTunes
3. Choose your device
4. Click Update
5. Wait forever for your device to update
Step 5: Jailbreak your iPhone
1. Close iTunes
2. Connect your device to your computer
3. On Windows, double click on windows.bat, on Mac, double click on osx
4. Follow the on screen instructions.
Step 6: Unlocking 1.1.2
1. Download AnySim 1.2 from here or get it from installer.app
Note: If you used installer.app to get anysim 1.2 then ignore step 2 and move on to step 3.
2. Open WinSCP and login using these details (ID- root / Pass- alpine) :
Note: Make sure your iPhone is connected to the same network (internet) as your main pc you are using for this step.
3. Run AnySim
Frequently Asked Questions :
1. when i click on windows.bat, the terminal opens and closes.
Install Java Runtime
2. How do I activate the phone if I am not on ATT?
– Download this
– Upload it to root/usr/libexec directory, overwriting the existing lockdown file using WinSCP (need wifi + ssh for this)